<?php
require_once('msc-load.php');
require_once('includes/session-handler.php');
require_once('msc-functions.php');




//---------------CHANGE PASSWORD--------------------OK-------------------------
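/**
 * Change the current user's password from the profile-settings form.
 *
 * Reads `current_password`, `new_password` and `new_password_again` from
 * $_POST, validates them, and on success stores the new digest for the e-mail
 * address returned by getUserInfo(). The outcome is reported only through a
 * redirect to ../user-profile-settings.php?status=mismatched|wrong|short|ok.
 * When the UPDATE itself fails no redirect is sent.
 *
 * NOTE(review): passwords are stored as unsalted MD5 digests. The format is
 * kept here because whatever verifies logins (not visible in this file) must
 * agree with it. Migrate both sides to password_hash()/password_verify()
 * together; MD5 is not a suitable password hash.
 *
 * @return void
 */
function ChangePassword() {
    global $db;

    $redirect = '../user-profile-settings.php?status=';

    $info  = getUserInfo();
    $email = (isset($info['email']) && is_string($info['email'])) ? $info['email'] : '';

    // Missing or non-string fields (e.g. `new_password[]=x`) are treated as
    // empty so they fail validation instead of raising a type error.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    $current          = $field('current_password');
    $newpassword      = $field('new_password');
    $newpasswordagain = $field('new_password_again');

    // The two "new password" fields must be identical.
    if ($newpassword !== $newpasswordagain) {
        header('Location: ' . $redirect . 'mismatched');
        return;
    }

    // Fetch the stored digest with a bound parameter rather than by
    // interpolating the e-mail address into the SQL text.
    $stored = null;
    $select = $db->prepare('SELECT Password FROM USERS WHERE Email = ?');
    if ($select) {
        $select->bind_param('s', $email);
        if ($select->execute()) {
            $select->bind_result($stored);
            $select->fetch();
        }
        $select->close();
    }

    // hash_equals() compares byte-for-byte in constant time. The loose
    // `<>`/`==` operators compare numeric-looking strings as numbers, so two
    // different digests of the form "0e<digits>" would have been treated as
    // equal and the current-password check skipped.
    if (!is_string($stored) || !hash_equals($stored, md5($current))) {
        header('Location: ' . $redirect . 'wrong');
        return;
    }

    // The new password must satisfy the policy in checkPassword2().
    if (!checkPassword2($newpassword)) {
        header('Location: ' . $redirect . 'short');
        return;
    }

    $hashed = md5($newpassword); // see NOTE(review) above

    $update = $db->prepare('UPDATE USERS SET Password = ? WHERE Email = ?');
    if ($update) {
        $update->bind_param('ss', $hashed, $email);
        $saved = $update->execute();
        $update->close();

        if ($saved) {
            header('Location: ' . $redirect . 'ok');
        }
    }
}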

//_____________CHANGE INFO_______________OK________________________________

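  /**
   * Update the current user's first name, last name and phone number.
   *
   * Each of the POST fields `FirstName`, `LastName` and `PhoneNumber` that
   * was submitted and differs from the value returned by getUserInfo() is
   * written to the USERS row matching the user's e-mail address. After each
   * write a redirect to ../user-profile-settings.php?change=<field> is set;
   * when several fields change, the last header() call wins.
   *
   * The submitted values come straight from the request, so they are passed
   * to the database as bound parameters and never spliced into the SQL text.
   * They are stored as submitted: any page that prints them must escape them
   * for its output context (e.g. htmlspecialchars() for HTML).
   *
   * @return void
   */
  function ChangeInfo(){
    global $db;

    $info  = getUserInfo();
    $email = (isset($info['email']) && is_string($info['email'])) ? $info['email'] : '';

    // POST field => array(USERS column, key in $info, value of ?change=)
    $fields = array(
        'FirstName'   => array('FirstName', 'name',     'firstname'),
        'LastName'    => array('LastName',  'lastname', 'lastname'),
        'PhoneNumber' => array('Phone',     'phone',    'phone'),
    );

    foreach ($fields as $postKey => $spec) {
        list($column, $infoKey, $label) = $spec;

        // Skip fields that were not submitted (or were submitted as arrays)
        // instead of overwriting the stored value with an empty string.
        if (!isset($_POST[$postKey]) || !is_string($_POST[$postKey])) {
            continue;
        }
        $submitted = $_POST[$postKey];
        $existing  = isset($info[$infoKey]) ? (string) $info[$infoKey] : '';

        // Strict comparison: the loose `<>` operator compares numeric strings
        // as numbers, so a phone number that only gained or lost a leading
        // zero was considered unchanged and never saved.
        if ($submitted === $existing) {
            continue;
        }

        // $column comes from the fixed table above, never from the request.
        $stmt = $db->prepare("UPDATE USERS SET $column = ? WHERE Email = ?");
        if ($stmt) {
            $stmt->bind_param('ss', $submitted, $email);
            $stmt->execute();
            $stmt->close();
        }

        header('Location: ../user-profile-settings.php?change=' . $label);
    }
  }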


//--------------DELETE ACCOUNT ---------------OK-----------------------

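/**
 * Delete the current user's row from USERS and send the browser to logout.
 *
 * The row is selected by the e-mail address returned by getUserInfo(). The
 * redirect to ../logout.php is sent whether or not a row was deleted.
 *
 * NOTE(review): this is an irreversible action triggered by a single POST
 * field. Nothing in this function asks for the password again or checks an
 * anti-CSRF token; confirm that the caller or session-handler.php does.
 *
 * @return void
 */
function DeleteAccount(){
    global $db;

    $info  = getUserInfo();
    $email = (isset($info['email']) && is_string($info['email'])) ? $info['email'] : '';

    // Only run the DELETE when there is an address to match on, and bind it
    // as a parameter so its content can never alter the WHERE clause.
    if ($email !== '') {
        $stmt = $db->prepare('DELETE FROM USERS WHERE `Email` = ?');
        if ($stmt) {
            $stmt->bind_param('s', $email);
            $stmt->execute();
            $stmt->close();
        }
    }

    header('Location: ../logout.php');
}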


//------------------SIGN IN ---------------------password check goudakos-----------------
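/**
 * Check a candidate password against the minimum policy.
 *
 * A password is accepted when it is a string of at least 8 bytes that
 * contains at least one ASCII digit and at least one ASCII letter.
 *
 * @param mixed $pwd Candidate password, typically taken from $_POST.
 * @return bool True when the policy is met, false otherwise.
 */
function checkPassword2($pwd) {
    // Request fields can arrive as arrays (`new_password[]=x`) or be absent.
    // Reject anything that is not a string instead of passing it to strlen().
    if (!is_string($pwd)) {
        return false;
    }

    // strlen() counts bytes, so a multi-byte character counts more than once.
    if (strlen($pwd) < 8) {
        return false;
    }

    // At least one digit and at least one letter.
    if (!preg_match('/[0-9]/', $pwd)) {
        return false;
    }

    if (!preg_match('/[a-zA-Z]/', $pwd)) {
        return false;
    }

    return true;
}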



// Dispatch the submitted form to its handler, keyed on the name of the
// submit field. The checks run in this order and are not mutually exclusive:
// a request that carries several of these fields runs several handlers.
// NOTE(review): every handler changes account state, and no request-method or
// anti-CSRF token check is visible in this file. Confirm that
// includes/session-handler.php enforces one before these run.
foreach (array(
    'changepassword' => 'ChangePassword',
    'delete'         => 'DeleteAccount',
    'changeinfo'     => 'ChangeInfo',
) as $formField => $handler) {
    if (isset($_POST[$formField])) {
        $handler();
    }
}
unset($formField, $handler);
?>

